CLAIMS 

What is claimed is: 



1 . A method for determining secure endpoints of tunnels in a network that uses Internet 
security protocol, the method comprising the computer-implemented steps of : 
sending from a first network device a first description of network traffic that is to be 

protected; 

receiving, at the first network device and from a second network device, a second 

description of network traffic that is to be protected; 
creating and storing a third description of network traffic that is to be protected based 

on determining a logical intersection of the first description of network traffic 

and the second description of network traffic; and 
establishing the secure connection between the first network device and the second 

network device based on the third description of network traffic. 

2. A method as recited in Claim 1 , wherein the first description comprises a first set of 
proxies, wherein the second description comprises a second set of proxies, and 
wherein the step of creating and storing a third description further comprises the step 
of determining a largest common subset between the first set of proxies and the 
second set of proxies. 

3 . A method as recited in Claim 1 , wherein the first description comprises a first 
protocol and the second description comprises a second protocol, and further 
comprising the steps of determining a third protocol for the third description based on 
determining a logical intersection of the first protocol and the second protocol. 

4. A method as recited in Claim 3, wherein determining the third protocol comprises the 
steps of: 

determining that the third protocol is IP when both the first description and the second 
description identify IP as a protocol; 
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5 determining that the third protocol is a specific protocol when the first description 

6 identifies IP and the second description identifies the specific protocol; 

7 determining that the third protocol is a specific protocol when both the first 

8 description and the second description identify the same specific protocol. 

1 5. The method as recited in Claim 1 , wherein the first description comprises a packet 

2 summary value that summarizes packets in the network traffic to be protected, and 

3 wherein the second description is generated by the second network device based on 

4 comparing the packet summary value to one or more access control lists that are 

5 managed by the second network device. 

1 6. The method as recited in Claim 1 , wherein the first description of network traffic 

2 comprises a packet summary that includes: 

3 IP protocol information that is associated with the network traffic emanating from a 

4 source end host, wherein the source end host is associated with the first 

5 network device; 

6 port information that is associated with the source end host; 

7 port information that is associated with a destination end host, wherein the destination 

8 end host is associated with the second network device; 

9 an IP address that is associated with the source end host; 

10 an IP address that is associated with the destination end host; and 

1 1 a proxy address of the source end host; 

12 wherein the second description is generated by the second network device based on 

1 3 comparing the packet summary to one or more access control lists that are 

1 4 managed by the second network device. 

1 7, The method as recited in Claim 1, further comprising the step of: 

2 determining, at the second network device, whether the packet summary matches a 

3 security policy information that is associated with the second network device; 

4 wherein the packet summary is associated with the first description of network traffic. 
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1 8. The method as recited in Claim 1 , wherein the second description of network traffic 

2 comprises a response that includes: 

3 IP protocol information that is associated with the network traffic emanating from a 

4 destination end host, wherein the destination end host is associated with the 

5 second network device; 

6 an IP address that is associated with the second network device; and 

7 proxy addresses that are associated with a destination end host. 

1 9. The method as recited in Claim 8, wherein the proxy addresses that are associated 

2 with the destination end host include a first subnet that includes the destination end 

3 host and a second subnet that includes a source end host, wherein the source end host 

4 is associated with the first network device. 

1 1 0. The method as recited in Claim 1 , wherein deriving a third description of network 

2 traffic further comprises the step of: 

3 determining based on the first description of network traffic and the second 

4 description of network traffic a first intersection proxy comprising protocol 

5 information; 

6 determining based on the first description of network traffic and the second 

7 description of network traffic a second intersection proxy comprising port 

8 information; and 

9 determining based on the first description of network traffic and the second 

1 0 description of network traffic a third intersection proxy comprising proxy 

1 1 address information. 

1 11. The method as recited in Claim 1 , further comprising the steps of: 

2 receiving at the first network device an IP packet from a source end host that is 

3 associated with the first network device; 

4 verifying that the IP packet falls within the third description of network traffic. 

1 12. A method as recited in Claim 1 , wherein the first description comprises a first port 

2 value and the second description comprises a second port value, and further 
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3 comprising the steps of determining a third port value for the third description based 

4 on determining a logical intersection of the first port value and the second port value. 

1 13. A method as recited in Claim 1 2, wherein determining the third port value comprises 

2 the steps of: 

3 determining that the third port value is a specific port value when both the first 

4 description and the second description identify the same specific port value; 

5 determining that the third port value is a specific port value when one of the first 

6 description and the second description identify the specific port value. 

1 14. A computer-readable medium carrying one or more sequences of instructions for 

2 determining secure endpoints of tunnels in a network that uses Internet security 

3 protocol, which instructions, when executed by one or more processors, cause the one 

4 or more processors to carry out the steps of: 

5 sending from a first network device a first description of network traffic that is to be 

6 protected; 

7 receiving, at the first network device and from a second network device, a second 

8 description of network traffic that is to be protected; 

9 creating and storing a third description of network traffic that is to be protected based 

10 on determining a logical intersection of the first description of network traffic 

1 1 and the second description of network traffic; and 

12 establishing the secure connection between the first network device and the second 

1 3 network device based on the third description of network traffic. 

1 15. A computer-readable medium as recited in Claim 1 4, wherein the first description 

2 comprises a first set of proxies, wherein the second description comprises a second set 

3 of proxies, and wherein the step of creating and storing a third description further 

4 comprises the step of determining a largest common subset between the first set of 

5 proxies and the second set of proxies. 

1 16. A computer-readable medium as recited in Claim 14, wherein the first description 

2 comprises a first protocol and the second description comprises a second protocol, 
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3 and further comprising the steps of determining a third protocol for the third 

4 description based on determining a logical intersection of the first protocol and the 

5 second protocol. 

1 17. A method for establishing a secure connection between two network devices, the 

2 method comprising the computer-implemented steps of: 

3 receiving, at a second network device and from a first network device, a first 

4 description of network traffic that is to be protected; 

5 in response to receiving the first description of network traffic, creating and sending 

6 to the first network device a second description of network traffic that is to be 

7 protected; 

8 receiving at the second network device a third description of network traffic that is to 

9 be protected from the first network device based on a logical intersection of 

1 0 the first description of network traffic and the second description of network 

1 1 traffic; and 

12 establishing the secure connection between the first network device and the second 

1 3 network device based on the third description of network traffic. 

1 18. A computer-readable medium carrying one or more sequences of instructions for 

2 establishing a secure connection between two network devices, which instructions, 

3 when executed by one or more processors, cause the one or more processors to carry 

4 out the steps of: 

5 receiving, at a second network device and from a first network device, a first 

6 description of network traffic that is to be protected; 

7 in response to receiving the first description of network traffic, creating and sending 

8 to the first network device a second description of network traffic that is to be 

9 protected; 

10 receiving at the second network device a third description of network traffic that is to 

11 be protected from the first network device based on a logical intersection of 

12 the first description of network traffic and the second description of network 

13 traffic; and 
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14 establishing the secure connection between the first network device and the second 

1 5 network device based on the third description of network traffic. 

1 19. An apparatus for determining secure endpoints of tunnels in a network that uses 

2 Internet security protocol, comprising: 

3 means for sending from a first network device a first description of network traffic 

4 that is to be protected; 

5 means for receiving, at the first network device and from a second network device, a 

6 second description of network traffic that is to be protected; 

7 means for creating and storing a third description of network traffic that is to be 

8 protected based on determining a logical intersection of the first description of 

9 network traffic and the second description of network traffic; and 

10 means for establishing the secure connection between the first network device and the 

1 1 second network device based on the third description of network traffic. 

1 20. An apparatus for determining secure endpoints of tunnels in a network that uses 

2 Internet security protocol, comprising: 

3 a network interface that is coupled to the network for receiving one or more packet 

4 flows therefrom; 

5 a processor; 

6 one or more stored sequences of instructions which, when executed by the processor, 

7 cause the processor to carry out the steps of: 

8 sending from a first network device a first description of network traffic that is 

9 to be protected; 

10 receiving, at the first network device and from a second network device, a 

1 1 second description of network traffic that is to be protected; 

12 creating and storing a third description of network traffic that is to be 

1 3 protected based on determining a logical intersection of the first 

14 description of network traffic and the second description of network 

15 traffic; and 
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establishing the secure connection between the first network device and the 
second network device based on the third description of network 
traffic. 
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